Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-02-28_281f6dcc6a80c5d35713208b8f87e61e_cryptolocker
-
Size
72KB
-
Sample
240228-mkb8vahd72
-
MD5
281f6dcc6a80c5d35713208b8f87e61e
-
SHA1
439f0a6a3bffc8ad3e9b470e2699f7b50d42903b
-
SHA256
7bd5ee7546eb876f32aeb98b69afdf75e01644af9ba17b0fb63ecc3f650a5306
-
SHA512
8a5d252426f3db1216ea270b85f021da708eb18cfbd546cb1a72e5d8869fc692eba43c35d9d4372ac0cc3a1ec19b062e68adf425aa043cf99b55d558f94035ff
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsale0:1nK6a+qdOOtEvwDpjY
Behavioral task
behavioral1
Sample
2024-02-28_281f6dcc6a80c5d35713208b8f87e61e_cryptolocker.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
2024-02-28_281f6dcc6a80c5d35713208b8f87e61e_cryptolocker.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
2024-02-28_281f6dcc6a80c5d35713208b8f87e61e_cryptolocker
-
Size
72KB
-
MD5
281f6dcc6a80c5d35713208b8f87e61e
-
SHA1
439f0a6a3bffc8ad3e9b470e2699f7b50d42903b
-
SHA256
7bd5ee7546eb876f32aeb98b69afdf75e01644af9ba17b0fb63ecc3f650a5306
-
SHA512
8a5d252426f3db1216ea270b85f021da708eb18cfbd546cb1a72e5d8869fc692eba43c35d9d4372ac0cc3a1ec19b062e68adf425aa043cf99b55d558f94035ff
-
SSDEEP
1536:P8mnK6QFElP6n+gymddpMOtEvwDpjIHsale0:1nK6a+qdOOtEvwDpjY
Score9/10-
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-